bb629e3d6c5eb3602a45a26320b70fbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb629e3d6c5eb3602a45a26320b70fbd_JaffaCakes118
Size

298KB
MD5

bb629e3d6c5eb3602a45a26320b70fbd
SHA1

8b24eed2541ff78c6b1b3fe89fabd32a88d2b6ec
SHA256

7121633caaf44dbab0202796b6be142f8dc633d13902b756a03eb6a6100d7c30
SHA512

13a101384065a44efbffc498c06d3191efcf8f267e07b2b959ae336bfe5840aceb7fa82645a7db469dc71efd38bebff8da26129ac3b621da49f043004ed4cf9d
SSDEEP

6144:6eRj0uAFgU8WvS65Z6E8M4QvzjygBR+vNZGmPN5:VjjAFgU795Z6E8M4QPyLvNIm15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb629e3d6c5eb3602a45a26320b70fbd_JaffaCakes118

Files

bb629e3d6c5eb3602a45a26320b70fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6038e664cf9f4f5b593b264df21c269e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
lstrlenW
InitializeCriticalSection
WriteFile
LocalFree
FindClose
ReleaseMutex
GetEnvironmentVariableW
TlsGetValue
ReleaseMutex
FindAtomA
GetCurrentProcessId
IsBadStringPtrW
GetCurrentThreadId
CreateEventW
GlobalFlags
LoadLibraryW
GetDriveTypeA
HeapCreate
GetPrivateProfileStringA

user32

CallWindowProcW
GetClientRect
DispatchMessageA
CreateWindowExA
IsWindow
SetFocus
DrawTextA
GetSysColor
GetSysColor
EndDialog
GetClassInfoA
DrawStateW
GetKeyboardType

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ